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DETAILED ACTION 

1 . This Office action is in response to the amendment filed on 8/1 8/08. 

2. Claims 1 -1 7, 1 9, 20, 22-28, 30, 32, 34-36, 39, 41 and 43-46 are pending. 

Continued Examination Under 37 CFR 1.114 

3. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .1 7(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 8/18/08 
has been entered. 

Response to Arguments 

4. Applicant's arguments with respect to the amended claims have been considered 
but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 101 

5. Claims 1 -8, 1 0, 1 1 , 41 and 46 are rejected under 35 U.S.C. 1 01 because the 
subject matter of these claims is directed to a program per se, which is nonstatutory 
subject matter. On pg. 8, lines 4-6, the specification defines an embodiment wherein 
the key store is a secure memory, or at least resides at a secure memory location. On 
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pg.8, lines 31-32, the specification defines an embodiment wherein the memory access 
manager may be a software module. See MPEP 2106.01, "Descriptive material can be 
characterized as either 'functional descriptive material' or 'nonfunctional descriptive 
material.' In this context, 'functional descriptive material' consists of data structures and 
computer programs which impart functionality when employed as a computer 
component.... 'Nonfunctional descriptive material' includes but is not limited to music, 
literary works, and a compilation or mere arrangement of data. Both types of 
'descriptive material' are nonstatutory when claimed as descriptive material per se, 33 
F.3d at 1360, 31 USPQ2d at 1759." 

Claim Rejections - 35 USC § 103 

6. Claims 1, 9, 10, 22-28, 30, 32, 34, 35, 41 and 46 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Bryant et al. US 5,628,023 (hereinafter 
Bryant) in view of Bishop Computer Security , Chapter 29.5 "Common Security- 
Related Programming Problems" (hereinafter Bishop). 

7. As per claims 1 , 9, 1 0, 41 and 46, Bryant discloses a memory protection system 
comprising: 

a. a key store storing identifiers of protected memory locations and 
respective corresponding memory protection keys; and a memory access 
manager configured to receive a memory command for altering contents of any 
of the protected memory locations, determine whether the memory command 
includes a memory protection key corresponding to at least one of said protected 
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memory locations to be altered, if the memory command includes the memory 
protection key corresponding to each protected memory location to be altered, 
permit the memory command to proceed, and then render the memory protection 
key in the memory command inaccessible (fig. 3, reference nos. 485-530; figs. 7 
and 9; by virtue of de-allocating memory; see also applicant's specification, pg. 
17, lines 19-26); 

b. implemented in an electronic device having a memory, the memory 
comprising the protected memory locations and unprotected memory locations 
(program requests region of memory to be protected); 

c. wherein the memory access manager is further configured to receive 
memory commands for altering contents of the unprotected memory locations 
without checking for any memory protection key (only protected memory is 
verified [see fig. 3]); 

d. wherein the memory access manager is configured to further receive a 
memory read command to read content of a particular protected memory 
location, the memory access manager to allow the memory read command to 
proceed to read the content of the particular protected memory location without 
checking for any memory protection key. (col. 21 :3-22) 

Although Bryant does not disclose rendering the memory protection key in the memory 
command inaccessible by overwriting at least a portion of the memory protection key 
upon completion of the memory command, the step of erasing sensitive information to 
prevent unauthorized disclosure of protected information is well known in the art. Such 
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a step prevents covert analysis of memory to determine the value of deallocated 
memory. For example, Bishop discloses a basic tenet of secure deletion of sensitive 
information: "When a process finishes using a sensitive object (one that contains 
confidential information or one that should not be altered), the object should be erased, 
then deallocated or deleted. Any resources not needed should also be released ." (pg. 
901 , last sentence-pg. 902, first sentence, emphasis added) Bishop further discloses 
an example of erasing sensitive information by overwriting the data. Pg. 902, 1st full 
paragraph. Therefore, it would be obvious to one of ordinary skill in the art at the time 
the invention was made to render the memory protection key in the memory command 
inaccessible by overwriting at least a portion of the memory protection key upon 
completion of the memory command. One would be motivated to do so to securely 
remove sensitive information as known to one of ordinary skill. The aforementioned 
cover the limitations of claims 1,9, 10, 41 and 46. 

8. As per claims 22-27, 30, 32, 34 and 35, Bryant discloses a method of protecting 

memory in an electronic device, comprising: 

e. receiving a memory command to alter a protected memory location; 
determining whether the received memory command is a memory read 
command to read the protected memory location, or a memory write command to 
alter the protected memory location (col. 21 :3-21 ; fig. 3); in response to 
determining that the received memory command is the memory write command: 
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i. identifying a memory protection key corresponding to the protected 
memory location; determining whether the memory command includes the 
memory protection key corresponding to the protected memory location; 
permitting completion of the memory command where the memory 
command includes the memory protection key corresponding to the 
protected memory location (fig. 3, reference nos. 540, 560); and rendering 
the memory protection key in the memory command inaccessible (by 
virtue of de-allocating memory; see also applicant's specification, pg. 17, 
lines 19-26); and 

f. in response to determining that the received memory command is the 
memory read command, processing the memory read command to read the 
protected memory location without checking for any memory protection key; 
(21:15-18) 

g. wherein permitting comprises performing the memory write command (fig. 
3, reference no. 570); 

h. wherein receiving comprises receiving the memory command from an 
originating electronic device component, and wherein permitting comprises 
allowing the originating electronic device component to perform the memory write 
command; (fig. 1, reference nos. 100, 105, 110) 

i. receiving data to be written to the protected memory location; and 
generating the memory write command responsive to receiving the data (fig. 3, 
reference no. 540); 
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j. wherein the received data comprises a received key, and wherein 
generating comprises extracting the received key from the received data and 
inserting the received key into the memory write command (fig. 3, reference nos. 
540 and 550). 

k. Wherein determining comprises comparing the memory protection key 
corresponding to the protected memory location with the received key in the 
memory write command (fig. 3, reference nos. 555 and 560). 
I. wherein identifying comprises identifying a protected memory location in 
the memory write command and accessing a mapping table that maps protected 
memory locations to respective corresponding memory protection keys (fig. 1, 
reference nos. 140, 145, 155, 175 and 185); 

m. further comprising: receiving memory commands to alter unprotected 
memory locations; and permitting completion of the memory commands to alter 
unprotected memory locations without checking for any memory protection keys 
(unprotected memory does not require verification); 

n. wherein the identifying step comprises accessing the memory protection 
key corresponding to the protected memory location in a key store, the method 
further comprising: 

ii. receiving a command to establish a new protected memory location 
in the memory and a memory protection key corresponding to the new 
protected memory location; establishing the new protected memory 
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location in the memory; and storing the memory protection key in the key 
store, (fig. 3, reference nos. 485-530; figs. 7 and 9) 

o. Bryant further discloses a computer-readable medium storing instructions 

for performing the method of claim 22. (fig. 1 ) 
Although Bryant does not disclose rendering the memory protection key in the memory 
command inaccessible by overwriting at least a portion of the memory protection key 
upon completion of the memory write command, the step of erasing sensitive 
information to prevent unauthorized disclosure protected information is well known in 
the art. Such a step prevents covert analysis of memory to determine the value of 
deallocated memory. For example, Bishop discloses a basic tenet of secure deletion of 
sensitive information: "When a process finishes using a sensitive object (one that 
contains confidential information or one that should not be altered), the object should be 
erased, then deallocated or deleted. Any resources not needed should also be 
released ." (pg. 901 , last sentence-pg. 902, first sentence, emphasis added) Bishop 
further discloses an example of erasing sensitive information by overwriting the data. 
Pg. 902, 1st full paragraph. Therefore, it would be obvious to one of ordinary skill in the 
art at the time the invention was made to render the memory protection key in the 
memory command inaccessible by overwriting at least a portion of the memory 
protection key. One would be motivated to do so to securely remove sensitive 
information as known to one of ordinary skill. The aforementioned cover the limitations 
of claims 22-27, 30, 32, 34 and 35. 
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9. As per claim 28, the rejection of claim 26 under 35 USC 1 03(a) as being 
unpatentable over Bryant in view of Bishop is incorporated herein. Neither Bryant nor 
Bishop expressly disclose wherein determining comprises retrieving a modified version 
of the memory protection key corresponding to the protected memory location, 
modifying the received key in the memory write command to generate a modified 
received key, and comparing the modified received key to the modified version of the 
memory protection key corresponding to the protected memory location. However, it is 
notoriously well known in the art to use and store a hash value of an identifier as 
opposed to the original identifier. A hash value uniquely maps an original value to a 
modified value, such that the modified value is typically much smaller than the original 
value. Hence, the modified value retains the unique property of the original value but 
requires less memory and bandwidth requirements to store and communicate the value. 
Official Notice of this teaching is taken. Therefore, it would be obvious to one of 
ordinary skill in the art at the time the invention was made wherein the determining step 
comprises retrieving a modified version of the memory protection key corresponding to 
the protected memory location, modifying the received key in the memory write 
command to generate a modified received key, and comparing the modified received 
key to the modified version of the memory protection key corresponding to the protected 
memory location. One would be motivated to do so to preserve memory and 
processing resources as known to one of ordinary skill in the art. The aforementioned 
cover the limitations of claim 28. 
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10. Claims 1, 2, 4, 7-9, 11-15 and 46 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Beukema et al. US Patent Application Publication No. 
20020124148 (hereinafter Beukema) in view of Bishop. 

11. As per claims 1,2,4, 7-9, 11-15 and 46, Beukema discloses a memory 
protection system comprising: 

p. a key store storing identifiers of protected memory locations and 
respective corresponding memory protection keys; and a memory access 
manager configured to receive a memory command for altering contents of any 
of the protected memory locations, determine whether the memory command 
includes a memory protection key corresponding to at least one of said protected 
memory locations to be altered, if the memory command includes the memory 
protection key corresponding to each protected memory location to be altered, 
permit the memory command to proceed, and then render the memory protection 
key in the memory command inaccessible (paragraph 54; by virtue of de- 
allocating memory; see also applicant's specification, pg. 17, lines 19-26); 
q. wherein the identifiers comprise addresses in a protected memory; 
wherein the identifiers identify data entries in a protected memory; (paragraph 
54; pointer to an associated memory region/address) 

r. wherein the key store stores a mapping table that maps each identifier to 
a corresponding memory protection key; (paragraph 54; "Protection/Translation 
Table"); 
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s. wherein at least one of the identifiers is mapped to multiple corresponding 
memory protection keys (paragraph 54; L_key and R_key); 
t. the system implemented in an electronic device having a memory, the 
memory comprising the protected memory locations and unprotected memory 
locations (paragraph 55, and fig. 6); 

u. wherein the memory access manager is further configured to perform the 
memory command that includes the memory protection key corresponding to 
each protected memory location to be altered (paragraphs 54 and 59); 
v. the system implemented in an electronic device, wherein the memory 
command is received by the memory access manager from an originating 
electronic device component, and wherein the originating electronic device 
component proceeds with the memory command permitted by the memory 
access manager; wherein the originating electronic device component is a 
memory update module; wherein the originating electronic device component 
sends memory commands to the memory access manager responsive to data 
received at the electronic device; wherein the originating electronic device 
component is further configured to extract a received memory protection key 
from the received data and to provide the received memory protection key to the 
memory access manager, (fig. 2; paragraphs 54-56; external user supplies 
protection key for rights access (read, write) to protected memory) 
Although Beukema does not disclose rendering the memory protection key in the 
memory command inaccessible by overwriting at least a portion of the memory 
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protection key upon completion of the memory write command, the step of erasing 
sensitive information to prevent unauthorized disclosure protected information is well 
known in the art. Such a step prevents covert analysis of memory to determine the 
value of deallocated memory. For example, Bishop discloses a basic tenet of secure 
deletion of sensitive information: "When a process finishes using a sensitive object (one 
that contains confidential information or one that should not be altered), the object 
should be erased, then deallocated or deleted. Any resources not needed should also 
be released ." (pg. 901, last sentence-pg. 902, first sentence, emphasis added) Bishop 
further discloses an example of erasing sensitive information by overwriting the data. 
Pg. 902, 1st full paragraph. Therefore, it would be obvious to one of ordinary skill in the 
art at the time the invention was made to render the memory protection key in the 
memory command inaccessible by overwriting at least a portion of the memory 
protection key upon completion of the memory write command. One would be 
motivated to do so to securely remove sensitive information as known to one of ordinary 
skill. The aforementioned cover the limitations of claims 1, 2, 4, 7-9, 11-15 and 46. 

12. Claims 16, 17, 19, 20, 22, 25, 36, 39, 43, 44 and 45 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Hind et al. US 6,976,163 (hereinafter 
Hind) in view of Bryant. 

1 3. As per claims 16, 17, 19, 20 and 43, Hind discloses an electronic device 
comprising a memory; a wireless receiver configured to receive data relating to a 
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remote software update to be written to the memory, and means to securely update the 
software files via update rules, (col. 2:38-59; 19:40-46) However, Hind does not disclose 
ensuring that the update has the proper permission to execute the update in a particular 
memory region. Bryant discloses an electronic device comprising: 

w. a memory; a receiver configured to receive data to be written to the 
memory; and a memory protection system associating protected memory 
locations in the memory with respective corresponding keys, and configured to 
allow the received data to be written to any of the protected memory locations 
only if the received data includes a key corresponding to the protected memory 
location to which the received data is to be written and to render the 
corresponding key in the received data inaccessible after allowing the received 
data to be written to the protected memory location (fig. 1 , fig. 3); 
x. volatile storage having unprotected memory locations, the memory 
protection system configured to download the received data including the key to 
the unprotected memory locations of the volatile storage prior to writing the 
received data to the protected memory locations; wherein the volatile storage is 
part of the memory (fig. 1, reference nos. 125, 130 and 140); 
y. wherein each key is rendered inaccessible by erasing the received data 
from the unprotected memory locations where the memory access manager 
allows the received data to be written to the protected memory locations (by 
virtue of de-allocating memory; see also applicant's specification, pg. 17, lines 
19-26); 
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z. wherein the memory protection system comprises: a key store storing a 
mapping table that associates the protected memory locations with the 
respective corresponding keys; and a memory access manager configured to 
process a memory command for writing the received data to any of the protected 
memory locations, determine whether the received data includes the key 
corresponding to any of the protected memory locations to which the received 
data is to be written, if the received data includes the key corresponding to a 
protected memory location to which the received data is to be written, to permit 
the memory command to proceed, and then render the corresponding key in the 
received data inaccessible (19:41-20:6); 

aa. wherein the key store resides at a secure location in the memory outside 
of the main memory (fig. 1 , reference no. 105); 

bb. wherein the memory protection system is configured to further receive a 
memory read command to access a particular one of the protected memory 
locations, perform reading of the particular protected memory location in 
response to the memory read command, without checking for any memory 
protection key. (21:3-22) 
It would be obvious to one of ordinary skill in the art at the time the invention was made 
to modify the invention of Hind with the teaching of Bryant. One would be motivated to 
do so to ensure that the update has the proper permission to execute the update in a 
particular memory region as disclosed by Bryant. (5:22-30) 
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Furthermore, although Beukema does not disclose the memory protection 
system to render the key inaccessible by overwriting at least a portion of the key, the 
step of erasing sensitive information to prevent unauthorized disclosure protected 
information is well known in the art. Such a step prevents covert analysis of memory to 
determine the value of deallocated memory. For example, Bishop discloses a basic 
tenet of secure deletion of sensitive information: "When a process finishes using a 
sensitive object (one that contains confidential information or one that should not be 
altered), the object should be erased, then deallocated or deleted. Any resources not 
needed should also be released ." (pg. 901 , last sentence-pg. 902, first sentence, 
emphasis added) Bishop further discloses an example of erasing sensitive information 
by overwriting the data. Pg. 902, 1st full paragraph. Therefore, it would be obvious to 
one of ordinary skill in the art at the time the invention was made for the memory 
protection system to render the key inaccessible by overwriting at least a portion of the 
key. One would be motivated to do so to securely remove sensitive information as 
known to one of ordinary skill. The aforementioned cover the limitations of claims 16, 
17, 19, 20 and 43. 

14. As per claims 22, 25 and 44, Hind discloses a method to remotely update 
software via update rules contained in the update; receiving the update comprises 
receiving, by a wireless receiver, (col. 2:38-59; 19:40-46) However, Hind does not 
disclose ensuring that the update has the proper permission to execute the update in a 
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particular memory region. Bryant discloses a method of protecting memory in an 
electronic device, comprising: 

cc. receiving a memory command to alter a protected memory location; 
determining whether the received memory command is a memory read 
command to read the protected memory location, or a memory write command to 
alter the protected memory location (col. 21 :3-21 ; fig. 3); in response to 
determining that the received memory command is the memory write command: 
iii. identifying a memory protection key corresponding to the protected 
memory location; determining whether the memory command includes the 
memory protection key corresponding to the protected memory location; 
permitting completion of the memory command where the memory 
command includes the memory protection key corresponding to the 
protected memory location (fig. 3, reference nos. 540, 560); and rendering 
the memory protection key in the memory command inaccessible (by 
virtue of de-allocating memory; see also applicant's specification, pg. 17, 
lines 19-26); and 

dd. in response to determining that the received memory command is the 
memory read command, processing the memory read command to read the 
protected memory location without checking for any memory protection key; 
(21:15-18) 
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ee. receiving data to be written to the protected memory location; and 
generating the memory write command responsive to receiving the data (fig. 1, 
reference no. 540); 

It would be obvious to one of ordinary skill in the art at the time the invention was made 
to modify the invention of Hind with the teaching of Bryant. One would be motivated to 
do so to ensure that the update has the proper permission to execute the update in a 
particular memory region as disclosed by Bryant. (5:22-30) 

Finally, although Bryant does not disclose rendering the memory protection key 
in the memory command inaccessible by overwriting at least a portion of the memory 
protection key upon completion of the memory write command, the step of erasing 
sensitive information to prevent unauthorized disclosure protected information is well 
known in the art. Such a step prevents covert analysis of memory to determine the 
value of deallocated memory. For example, Bishop discloses a basic tenet of secure 
deletion of sensitive information: "When a process finishes using a sensitive object (one 
that contains confidential information or one that should not be altered), the object 
should be erased, then deallocated or deleted. Any resources not needed should also 
be released ." (pg. 901, last sentence-pg. 902, first sentence, emphasis added) Bishop 
further discloses an example of erasing sensitive information by overwriting the data. 
Pg. 902, 1st full paragraph. Therefore, it would be obvious to one of ordinary skill in the 
art at the time the invention was made to render the memory protection key in the 
memory command inaccessible by overwriting at least a portion of the memory 
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protection key. One would be motivated to do so to securely remove sensitive 

information as known to one of ordinary skill. 

The aforementioned cover the limitations of claims 22, 25 and 44. 

15. As per claims 36 and 45, Hind discloses a method to remotely update software 
via update rules contained in the update; wherein the update is received by a wireless 
receiver, (col. 2:38-59; 19:40-46) However, Hind does not disclose ensuring that the 
update has the proper permission to execute the update in a particular memory region. 
Bryant discloses a method of protecting electronic memory, comprising: 

ff. configuring a memory store of an electronic device into at least one 
protected memory location and a key store operable to store an identifier of each 
protected memory location and a respective corresponding memory protection 
key; and configuring a processor of the electronic device to provide a memory 
access manager operable to receive memory commands for altering contents of 
any of the at least one protected memory location, and for at least one memory 
command, to determine whether the memory command includes a memory 
protection key corresponding to at least one protected memory location to be 
modified, said memory command including the memory protection key 
corresponding to at least one said protected memory location to be modified, to 
permit the memory command and then render each corresponding memory 
protection key in the command inaccessible; (fig. 3, reference nos. 540-570) 
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gg. wherein configuring the processor further comprises configuring the 
processor to receive a memory read command to read a particular one of the 
protected memory locations, and to permit the memory read command to read 
the particular protected memory location without checking for any memory 
protection key. (21:3-22) 
It would be obvious to one of ordinary skill in the art at the time the invention was made 
to modify the invention of Hind with the teaching of Bryant. One would be motivated to 
do so to ensure that the update has the proper permission to execute the update in a 
particular memory region as disclosed by Bryant. (5:22-30) 

Finally, although Bryant does not disclose rendering the memory protection key 
in the memory command inaccessible by overwriting at least a portion of the memory 
protection key upon completion of the memory write command, the step of erasing 
sensitive information to prevent unauthorized disclosure protected information is well 
known in the art. Such a step prevents covert analysis of memory to determine the 
value of deallocated memory. For example, Bishop discloses a basic tenet of secure 
deletion of sensitive information: "When a process finishes using a sensitive object (one 
that contains confidential information or one that should not be altered), the object 
should be erased, then deallocated or deleted. Any resources not needed should also 
be released ." (pg. 901, last sentence-pg. 902, first sentence, emphasis added) Bishop 
further discloses an example of erasing sensitive information by overwriting the data. 
Pg. 902, 1st full paragraph. Therefore, it would be obvious to one of ordinary skill in the 
art at the time the invention was made to render the memory protection key in the 
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memory command inaccessible by overwriting at least a portion of the memory 
protection key. One would be motivated to do so to securely remove sensitive 
information as known to one of ordinary skill. The aforementioned cover the limitations 
of claims 36 and 45. 

16. As per claim 39, Bryant further suggests a computer-readable medium storing 
instructions for performing the method of claim 36. (fig. 1 ) 

17. Claims 1 and 3-6 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over England et al. USPN 7,194,092 (hereinafter England) in view of Bishop. 

18. As per claims 1 and 3-6, England discloses a memory protection system 
comprising: 

hh. a key store storing identifiers of protected memory locations and 
respective corresponding memory protection keys; and a memory access 
manager configured to receive a memory command for altering contents of any 
of the protected memory locations, determine whether the memory command 
includes a memory protection key corresponding to at least one of said protected 
memory locations to be altered, if the memory command includes the memory 
protection key corresponding to each protected memory location to be altered, 
permit the memory command to proceed, and then render the memory protection 
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key in the memory command inaccessible (col. 10:41-51; by virtue of de- 
allocating memory; see also applicant's specification, pg. 17, lines 19-26); 
ii. wherein the identifiers comprise names of protected files in a memory; 
wherein the identifiers identify data entries in a protected memory; (10:31-35; 
16:33-37) 

jj. wherein each of the memory protection keys comprises a modified version 
of a data sequence; wherein the modified version comprises a hash of the data 
sequence. (10:41-51 ; 17:1-30; 17:57-18:14) 
19. Although England does not disclose rendering the memory protection key in the 
memory command inaccessible by overwriting at least a portion of the memory 
protection key, the step of erasing sensitive information to prevent unauthorized 
disclosure protected information is well known in the art. Such a step prevents covert 
analysis of memory to determine the value of deallocated memory. For example, 
Bishop discloses a basic tenet of secure deletion of sensitive information: "When a 
process finishes using a sensitive object (one that contains confidential information or 
one that should not be altered), the object should be erased, then deallocated or 
deleted. Any resources not needed should also be released ." (pg. 901, last sentence- 
pg. 902, first sentence, emphasis added) Bishop further discloses an example of 
erasing sensitive information by overwriting the data. Pg. 902, 1st full paragraph. 
Therefore, it would be obvious to one of ordinary skill in the art at the time the invention 
was made to render the memory protection key in the memory command inaccessible 
by overwriting at least a portion of the memory protection key. One would be motivated 



Application/Control Number: 10/813,003 Page 22 

Art Unit: 2432 

to do so to securely remove sensitive information as known to one of ordinary skill. The 
aforementioned cover the limitations of claims 1 and 3-6. 
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for the organization where this application or proceeding is assigned is 571-273-8300. 
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published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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